package com.kate.cloud.shiro.realm;

import com.kate.cloud.shiro.dao.JzMenuMapper;
import com.kate.cloud.shiro.dao.JzRoleMapper;
import com.kate.cloud.shiro.dao.JzUserMapper;
import com.kate.cloud.shiro.entity.JzMenu;
import com.kate.cloud.shiro.entity.JzRole;
import com.kate.cloud.shiro.entity.JzUser;
import com.kate.cloud.shiro.enums.DelEnum;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import java.util.stream.Collectors;

/**
 * Created by 李金照 on 2017/12/13.
 *
 * @author 金照
 */
public class AuthorizeRealm extends AuthorizingRealm {

    @Autowired
    private JzUserMapper userMapper;

    @Autowired
    private JzRoleMapper roleMapper;

    @Autowired
    private JzMenuMapper menuMapper;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Object principal = principalCollection.getPrimaryPrincipal();
        List<JzRole> roleList = roleMapper.selectByLoginName((String) principal);
        Set<String> roles = roleList.stream().map(JzRole::getName).collect(Collectors.toCollection(TreeSet::new));
        List<JzMenu> menuList = menuMapper.selectByroleIds(roleList.stream().map(JzRole::getId).collect(Collectors.toList()));
        Set<String> permissions = menuList.stream().map(JzMenu::getPermission).collect(Collectors.toCollection(TreeSet::new));
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addRoles(roles);
        simpleAuthorizationInfo.addStringPermissions(permissions);
        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        JzUser user = userMapper.selectByLoginName(username);
        if(user==null){
            throw new UnknownAccountException("账号不存在");
        }
        if(user.getDelFlag() == DelEnum.DEL_FLAG_DELETE.getCode().toString()){
            throw new LockedAccountException("账号被锁定");
        }
        Object principal = user.getLoginName();
        Object hashedCredentials = user.getPassword();
        ByteSource credentialsSalt =ByteSource.Util.bytes(user.getLoginName());
        String realmName = getName();
        return new SimpleAuthenticationInfo(principal,hashedCredentials,credentialsSalt,realmName);
    }

    public static void  main(String[] args){
        String hashAlgorithmName = "MD5";
        Object credentials = "mate";
        Object salt = ByteSource.Util.bytes("mate");
        int hashIterations = 1024;
        Object result = new SimpleHash(hashAlgorithmName, credentials, salt, hashIterations);
        System.out.println(result);
    }
}
